I need to populate my database with test data. But my data needs to be manipulated to be put into the form by my PHP FORM before upload.
How can I automatic the process of filling out my web application form field, which also need to accept uploading images?
Progamatically, you can do this by making a post request in your language of choice.
Tool wise, you can use Fiddler2 which has support for making HTTP Post requests.
You'll have to fill out the HTTP Request body properly; usually form post variables look like this:
name1=value1&name2=value2
Or use curl.
This SuperUser question shows how to make an HTTP post using curl.
Related
I'm building some efficiency tools for a crappy website. This website uses http-posts for some of it's navigation. What I need is that when a user runs a script on an url (redirect.php), I want the client to post to an url on an external site, with some variables.
I know I could do this with javascript, creating a form and posting to it, but I would prefer doing it with php if possible. It needs to be the client that get's forwarded, because they are authenticated with the website that I'm sending them to.
The only way to make a browser send a POST request anywhere is by making a form and submitting it, or doing equivalent trickery using Javascript. You cannot make a browser issue a POST request in response to a redirect response. There are specifications for response codes which allow "POST redirects", but no current browser implements them.
Context:
There is an asp page in another web site that contains a search form. After submitting this form with the search value, the page displays the results of the search in an iframe.
Question:
I want to use the returned result in my page without loading that page in browser. I have got permission from the other web site administrator. I know php and jQuery. How should I proceed?
Example:
abcd.asp contains a form which contains <input name="regno"/> and a submit button. The form submits to itself and results Name, date of birth and Marks is returned in table format in an iframe.
Notes:
I have a page with same <input> and upon submitting it will use the above asp page and get details and display it in my page.
Easiest way:
Use jQuery to submit your page via AJAX to a local PHP file.
When the local PHP file gets the request, do a curl post request to your remote page and fetch the results.
Return these results in your local PHP script so that these will be available to your AJAX request
Your ajax request now has the remote contents, so just use jQuery to push them into the document.
You should use AJAX to perform this task. It loads a particular section of data without reloading a page. More info about what is ajax is here
Your best option is to use jQuery's ajax method. To make this work with different domains you need to enable crossdomain support. This is very easy in jQuery:
$.support.cors = true; // enable cross domain support
Now you can make a request to another domain. Of course the server on that domain must also accept cross-domain requests. ;)
Option 1 - HTTP GET & JSONP
As Twisted1919 pointed out you have to use jsonp if you want to make a HTTP GET request. If you're not familiar with jsonp It requires a bit of reading to understand the concept. But there is excellent support for this in jQuery (as described in jQuery.ajax()).
Option 2 - HTTP POST
If you're using http post to make your request you can simply use jQuery.post() for this. With cros domain enabled an the server accepting your request this should work out of the box.
I would like to ask this because if no quite sure that it secure.
I am planning on changing my page to ajax based registration. So my data will be inserted using jquery ajax post.
But if someone uses firebug and see where my post is being sent, they can use other form of firefox addons to post data on that url and can easily register without going to my page.
Although I can validate the request first where it is comming from though but that would be extra codes and work.
I will also add server validations for my form since someone can register without validation using the direct url that they will see on firebug.
I just wanted to know if there is already a standard procedures in applying ajax based data post.
But with ajax based select / fetch is cool and very useful.
Currently this is what I am planning on doing on my registration page.
validate that all request's must come from my registration page.
might use a transaction / request code
might use cookie
might use session
might use date time comparisson
if validation fails I should have a form validation on server side
to clean my the posted data before inserting to db
Never trust a UI.
Whether you do an Ajax post or a standard post, people can figure out what you are posting and create their own client. Even if you use https, the person controlling the browser can see what is posted and decipher the protocol.
You need to create your service so that it is not vulnerable to a user handcrafting a client.
If a user can use their browser to register on your site via Ajax, they can spoof the registration using some other programming language. There isn't anything you can do to make it so they can only register from your site via Ajax.
You can implement tricks to make it difficult for them to figure out, but you can't make it impossible. They can spoof the referrer, load other pages to get the required cookies/session variables, spoof Ajax request headers etc.
I am supposed to capture data from a form and send the data to a url on a different server.For eg:-I have a form on a page at the url http://www.form.com/register.php.
I capture all the data from this form and for some reason need this data to be processed on a page on another server at http://www.thereceivingpage.com/process.php.
As of now I am using headers to redirect with the parameters in the query string something like this:-Header(Location:http://www.thereceivingpage.com/process.php?name=alice&address=a1&address2=a2) but I need to send a larger amount of data which wont happen as GET request. Can anyone suggest a better way where in I can post data rather than the data in the query string ...thanks
Use cURL. If you have to redirect to the site, it gets a bit trickier but you can still do it. You can get the cookie and redirect information back from the site and then do a GET redirect using header.
Can you not update the action to simply post directly to that form? Otherwise, you might want to look into something like curl: http://ca.php.net/manual/en/function.curl-exec.php
You'll pretty much re-use the header redirect syntax with the parameters but instead you'll tell it to be a post.
redirect to a page on a different server and post parameters to it
thanks to internet standards, that's impossible.
if it's third-party site, let user to interact with it directly. do not interfere between them, it smells
If you want to develop secure applications then you should be aware that http://www.thereceivingpage.com/process.php is vulnerable to Cross-site Request Forgery (CSRF), meaning that anyone, from any site, can post form data to process.php.
process.php should be checking for a token (which www.thereceivingpage.com transmitted to the user as part of the form) and should be rejecting form submissions that don't contain the token to prevent submissions coming from anywhere but www.thereceivingpage.com and thus protecting your users from being manipulated into making requests they didn't want to.
In addition to your concern about the size of the GET requests you cause the client to make when redirecting, it's also not a good practice to turn POST requests into GET requests.
The best solution is to completely rethink the notion of delivering a form from one site to be submitted to a different site.
You can manually set headers and send request or you can use curl
see this
http://www.askapache.com/htaccess/sending-post-form-data-with-php-curl.html
What I'm trying to do is:
I have a form. I submit that form. In the code of the target script I want to make some validations. In a certain case, I want to make a POST to another URL. I don't want to just make a redirect to an URL.
I don't know if this is possible, that's why I'm asking.
I'm working with PHP.
Thanks!
To the people who suggested cURL: Building a request like so will send the data on behalf of the server not the client. I don't think he wants that.
He wants POST forwarding and that, if it were to exist (and I don't think it does), should be implemented by the browser.
What I suggest is to use an AJAX call to make the validation before posting. And then depending on the response you choose the destination for posting (on the client side).
To summarize: You request a validation from the client. You do that validation on the server. You send back instructions to the client. You post according to the instructions received from the server.
I'm not sure if you understand this, but any details of requests made by the user(client) are known in full by him. You can't make him POST to an URL, have a password in that POST, and not have access to that password.
Note: If it's easier you can read JavaScript and PHP instead of client and server.
It is definitely possible. You could use the PHP cURL library to easily create a POST request. But this might be overkill for what you are trying to achieve. Is it a possibiity to do the validation in JavaScript and change the form action attribute with JavaScript after submitting?
In what case would you need to post it to another PHP file.
Couldn't you simply use IF statements to redirect the script to another script depending on the results of the validation?